How does that solve anything? Either these services will have to publish the key... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		dpark on Oct 5, 2016 \| parent \| context \| favorite \| on: Not OK, Google How does that solve anything? Either these services will have to publish the key on your behalf (so you can lookup the public key for bob@gmail.com with some public API), or you will have to provide the public key every time you hand out your email address. The former doesn't fix the issue at all, and the latter is unworkable because the guy reliably giving out the wrong email address will absolutely not remember his public key.

majewsky on Oct 5, 2016 [–]

> the guy reliably giving out the wrong email address will absolutely not remember his public key

Have the browser suggest the key IDs from `gpg --list-secret-keys`.

dpark on Oct 5, 2016 | [–]

/s

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact